Feb 24, 2017: Do you know that now hackers can hack your computer even when it is offline. A drone can steal data from a computer’s blinking LED. So if you have an air-gapped computer, it is time that you cover up the hard drive’s flashing LED lights.
Although air-gapped computers are not connected to any network, yet they are not safe from remote hackers. Security researchers from Israel’s Ben Gurion University showed that air-gaps can be breached as well. Moreover, an insider can always insert a USB drive into an air-gapped computer and hack data.
The researchers have demonstrated that if an attacker managed to infect an air-gapped computer, they can steal data semi-remotely at any time by using a camera to capture the signals from the LED lights of the hard-disk drive (HDD).
The LEDs flicker when the drive undergoes read and write operations, and can transmit data visually. The researchers devised malware that can force an HDD LED to blink 6,000 times per second. If that light is visible from a window, a camera-equipped drone or telescopic lens can capture the signals at any distance.
In a paper, the researchers explained in a new paper that data can be leaked from HDD LEDs at a rate of 4kbps. That speed is incredibly slow by today’s USB standards, but it’s more than enough to steal encryption keys or text and binary files. According to the researchers, it’s an impressive 10 times faster than previous optical covert channels for leaking data from air-gapped computers.
“We found that the small hard-drive indicator LED can be controlled at up to 6,000 blinks per second. We can transmit data in a very fast way at a very long distance,” Ben-Gurion researcher Mordechai Guri said. The hard-drive LED usually flickers, so the user will not be able to be suspicious about the stealing of the data.
The researchers tested a number of cameras to steal data from LEDs. They tested with Nikon DSLR, high-end security camera, GoPro Hero5, Microsoft LifeCam, Samsung Galaxy S6, etc.
However, researchers have not yet tested the distance at which LED light can be captured. However, they stated that they have been able to identify LED signals from 20 m away.
However, there are a number of ways to counter this hacking like covering the LEDs, banning cameras, disconnecting the LED, or installing signal jammers, or software.